CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53792 – nvme-core: fix memory leak in dhchap_ctrl_secret
https://notcve.org/view.php?id=CVE-2023-53792
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error. In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error. • https://git.kernel.org/stable/c/f50fff73d620cd6e8f48bc58d4f1c944615a3fea •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53791 – md: fix warning for holder mismatch from export_rdev()
https://notcve.org/view.php?id=CVE-2023-53791
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from export_rdev() Commit a1d767191096 ("md: use mddev->external to select holder in export_rdev()") fix the problem that 'claim_rdev' is used for blkdev_get_by_dev() while 'rdev' is used for blkdev_put(). However, if mddev->external is changed from 0 to 1, then 'rdev' is used for blkdev_get_by_dev() while 'claim_rdev' is used for blkdev_put(). And this problem can be reporduced reliably by following: New... • https://git.kernel.org/stable/c/a1d7671910965ca9f8f0377e7e3bfd1179fba4d8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53790 – bpf: Zeroing allocated object from slab in bpf memory allocator
https://notcve.org/view.php?id=CVE-2023-53790
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Zeroing allocated object from slab in bpf memory allocator Currently the freed element in bpf memory allocator may be immediately reused, for htab map the reuse will reinitialize special fields in map value (e.g., bpf_spin_lock), but lookup procedure may still access these special fields, and it may lead to hard-lockup as shown below: NMI backtrace for cpu 16 CPU: 16 PID: 2574 Comm: htab.bin Tainted: G L 6.1.0+ #1 Hardware name: QEMU S... • https://git.kernel.org/stable/c/0fd7c5d43339b783ee3301a05f925d1e52ac87c9 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53789 – iommu/amd: Improve page fault error reporting
https://notcve.org/view.php?id=CVE-2023-53789
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer derefence (see below sample log). Lets check whether domain is setup or not and log appropriate message. Sample log: ---------- amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6 BUG: kern... • https://git.kernel.org/stable/c/be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53788 – ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
https://notcve.org/view.php?id=CVE-2023-53788
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < TUNING_CTLS_COUNT; i++) (A) if (nid == ca0132_tuning_ctls[i].nid) break; snd_hda_power_up(...); (X) dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...); snd_hda_power_down(...); ^ return 1; } We will get below error by cppcheck sound/pci/h... • https://git.kernel.org/stable/c/ff5e8b49348f6a550c136b74efaf8b3c1d3ceaea •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53787 – regulator: da9063: fix null pointer deref with partial DT config
https://notcve.org/view.php?id=CVE-2023-53787
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer deref with partial DT config When some of the da9063 regulators do not have corresponding DT nodes a null pointer dereference occurs on boot because such regulators have no init_data causing the pointers calculated in da9063_check_xvp_constraints() to be invalid. Do not dereference them in this case. In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer de... • https://git.kernel.org/stable/c/b8717a80e6ee6500ae396d21aac2a00947bba993 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53786 – dm flakey: fix a crash with invalid table line
https://notcve.org/view.php?id=CVE-2023-53786
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_byte 512" Fix the crash by checking if arg_name is non-NULL before comparing it. • https://git.kernel.org/stable/c/f95cb1526669ccdf7eb12eefd57a893953e3595f •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53785 – mt76: mt7921: don't assume adequate headroom for SDIO headers
https://notcve.org/view.php?id=CVE-2023-53785
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921_usb_sdio_tx_prepare_skb() calls mt7921_usb_sdio_write_txwi() and mt7921_skb_add_usb_sdio_hdr(), both of which blindly assume that adequate headroom will be available in the passed skb. This assumption typically is satisfied when the skb was allocated in the net core for transmission via the mt7921 netdev (although even that is only an optimization and is not strictly guara... • https://git.kernel.org/stable/c/5c8bbb79c7cbca65534badf360f3b1145759c7bc •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53784 – drm: bridge: dw_hdmi: fix connector access for scdc
https://notcve.org/view.php?id=CVE-2023-53784
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: bridge: dw_hdmi: fix connector access for scdc Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc interface to pick up an i2c adapter from a connector instead. However, in the case of dw-hdmi, the wrong connector was being used to pass i2c adapter information, since dw-hdmi's embedded connector structure is only populated when the bridge attachment callback explicitly asks for it. drm-meson is handling connector... • https://git.kernel.org/stable/c/5d844091f2370f01752c3129b147861b9dcd3d98 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53783 – blk-iocost: fix divide by 0 error in calc_lcoefs()
https://notcve.org/view.php?id=CVE-2023-53783
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PREEMPT SMP RIP: 0010:calc_lcoefs+0x4c/0xc0 Call Trace: